Merge "Properly handle octet (byte) strings when converting LDAP responses" into stable/train
This commit is contained in:
commit
6df6aec584
|
@ -17,6 +17,7 @@ import codecs
|
|||
import os.path
|
||||
import re
|
||||
import sys
|
||||
import uuid
|
||||
import weakref
|
||||
|
||||
import ldap.controls
|
||||
|
@ -94,7 +95,16 @@ def utf8_decode(value):
|
|||
:raises UnicodeDecodeError: for invalid UTF-8 encoding
|
||||
"""
|
||||
if isinstance(value, six.binary_type):
|
||||
return _utf8_decoder(value)[0]
|
||||
try:
|
||||
return _utf8_decoder(value)[0]
|
||||
except UnicodeDecodeError:
|
||||
# NOTE(lbragstad): We could be dealing with a UUID in byte form,
|
||||
# which some LDAP implementations use.
|
||||
uuid_byte_string_length = 16
|
||||
if len(value) == uuid_byte_string_length:
|
||||
return six.text_type(uuid.UUID(bytes_le=value))
|
||||
else:
|
||||
raise
|
||||
return six.text_type(value)
|
||||
|
||||
|
||||
|
|
|
@ -520,6 +520,20 @@ class CommonLdapTestCase(unit.BaseTestCase):
|
|||
# The user name should still be a string value.
|
||||
self.assertEqual(user_name, py_result[0][1]['user_name'][0])
|
||||
|
||||
def test_user_id_attribute_is_uuid_in_byte_form(self):
|
||||
results = [(
|
||||
'cn=alice,dc=example,dc=com',
|
||||
{
|
||||
'cn': [b'cn=alice'],
|
||||
'objectGUID': [b'\xdd\xd8Rt\xee]bA\x8e(\xe39\x0b\xe1\xf8\xe8'],
|
||||
'email': [uuid.uuid4().hex],
|
||||
'sn': [uuid.uuid4().hex]
|
||||
}
|
||||
)]
|
||||
py_result = common_ldap.convert_ldap_result(results)
|
||||
exp_object_guid = '7452d8dd-5dee-4162-8e28-e3390be1f8e8'
|
||||
self.assertEqual(exp_object_guid, py_result[0][1]['objectGUID'][0])
|
||||
|
||||
|
||||
class LDAPFilterQueryCompositionTest(unit.BaseTestCase):
|
||||
"""These test cases test LDAP filter generation."""
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
[`bug 1889936 <https://bugs.launchpad.net/keystone/+bug/1889936>`_]
|
||||
Properly decode octet strings, or byte arrays, returned from LDAP.
|
Loading…
Reference in New Issue